Rider Levett Bucknall is committed to protecting and respecting your privacy. This document sets out the basis on which any personal information we collect from you, or that you provide to us, will be processed by us. Please read the following information carefully to understand our views and practices regarding your personal information and how we will treat it.
All our staff are responsible for data protection, and each person has their role to play to make sure that we are compliant with data protection laws.
1.2 DATA PROTECTION PRINCIPLES
The Data Protection Laws sets out 6 principles for maintaining and protecting personal data, which form the basis of the legislation. All personal data must be:
- processed lawfully, fairly and in a transparent manner and only if certain specified conditions are met;
- collected for specific, explicit and legitimate purposes, and not processed in any way incompatible with those purposes (“purpose limitation”);
- adequate and relevant, and limited to what is necessary to the purposes for which it is processed (“data minimisation”);
- accurate and where necessary kept up to date;
- kept for no longer than is necessary for the purpose (“storage limitation”);
- processed in a manner that ensures appropriate security of the personal data using appropriate technical and organisational measures (“integrity and security”).
1.3 WHAT HAVE WE DONE AT RLB TO FOLLOW THESE PRINCIPLES
- Implement a data breach process within our IT Service Desk to ensure any breaches are recorded and processed within the GDPR time frame
- We use all available technology and software to ensure our data is as secure as possible. All devices including mobile phones, tablets and laptops are encrypted and managed centrally to ensure data protection. We use security software such as Bitlocker and privacy screens are used for staff dealing with confidential or high-risk data. Our technology providers such as Microsoft & Mimecast also ensure our data is protected by the highest standard
- Update our SAR (Subject Access Request) process to ensure they are dealt with within 30 days
- All existing and new staff complete on-line training in data protection and cyber-security
- Consider data protection in all new deployments and ensure we consider any risk to the data we hold
- Update our privacy notices to cover the different relationships RLB are involved with
1.4 PRIVACY NOTICES
Below there are three privacy notices each regarding different data processes depending on your relationship with RLB. Each notice details within each sub-category ways in which we process your data. Including;
- Personal Information categories
- Special Categories of Personal Information
- Where we collect your personal data from
- Uses made of the information
- Who we share your personal information with
- Transferring your personal information internationally
- How long do we keep personal information for
- Your rights in relation to your personal information
1.5 PRIVACY NOTICE FOR PROSPECTIVE EMPLOYEES
This notice applies to you if we process your personal information and you are a prospective candidate employee, worker, director or consultant. If you are offered and accept an engagement with us you will be provided with a new privacy notice which will replace this one and cover you working for us. This is held on our Company Intranet. References to you, your and yourself in this privacy notice are to you.
1.6 PRIVACY NOTICE FOR ‘REST OF WORLD’
This notice applies to you if we process your personal information and you are not an employee or worker of ours, a prospective candidate employee or worker or an individual to whom we have provided a specific privacy notice.
You may be, for example, be an individual that works at a supplier or customer or another organisation that we deal with, an attendee at one of our marketing events, a user of our website or someone who is affected by our activities. References to you, your and yourself in this privacy notice are to either you as an individual or any organisation that you work for. References to we, our or us in this privacy notice are to RLB UK Limited
1.7 PRIVACY NOTICE FOR CLIENT PROFESSIONAL WORK
This notice applies to current and past clients of RLB UK Limited who are living individuals and to individuals who work for our clients, debtors or creditors of our clients, persons connected to a business relationship with our client or persons connected to disputes with or other matters involving our clients. In each case it may involve you directly, or you may work for or be engaged by a person who falls into one of these categories. References to you, your and yourself in this privacy notice are to either you as an individual or any organisation that you work for.
1.8 COOKIES AND THEIR USE BY RLB
Cookies are text files placed on your computer to collect standard internet log information and visitor behavior information. This information is used to track visitor use of our website and to compile statistical reports on website activity.
For further information visit www.allaboutcookies.org. You can set your browser not to accept cookies and these websites tell you how to remove cookies from your browser.
We are not required to appoint a Data Protection Officer. However, we have still appointed our Finance Director to be responsible for overseeing our compliance with data protection laws and they have the title of Data Protection Compliance Manager.
For the purposes of the Act, the data controller is Rider Levett Bucknall UK Limited of 15 Colmore Row, Birmingham, West Midlands B3 2BH.
1.10 CONTACT US:
If you wish to contact us in the event of any query or complaint in connection with the information we hold about you, please email firstname.lastname@example.org or write to us at Company Secretary, 15 Colmore Row, Birmingham, B3 2BH